Links every Rails developer and CTO should know:
Check gems for security updates
Bundler-audit checks for vulnerable versions of your gems
OWASP Top Ten Project
The most critical web application security flaws
Rails security mailing list
Announcements by e-mail
Ruby security news
Keep up with the programming language’s security, too
The official Ruby on Rails security guide
A complete guide to the basics of Rails security